Qualys Cloud Platform

Free Services

@RISK Newsletter for November 26, 2015

The consensus security vulnerability alert.

Vol. 15, Num. 47

This is a weekly newsletter that provides in-depth analysis of the latest vulnerabilities with straightforward remediation advice. Qualys supplies a large part of the newly-discovered vulnerability content used in this newsletter.

CONTENTS:

TOP VULNERABILITY THIS WEEK: Certain Dell Laptops Found to Ship with

Root Certificate, Private Key

NOTABLE RECENT SECURITY ISSUES SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Certain Dell Laptops Found to Ship with Root Certificate, PrivateKeyDescription: Researchers have found that certain Dell Laptops ship witha pre-installed root certificate and private key corresponding to thecertificate. The certificate can be identified by name as “eDellRoot”in the certificate trust store within Windows. This issue couldpotentially allow an attacker to man-in-the-middle a secure connectionand steal sensitive information. End users are advised to remove thecertificate from the trust store to reduce the risk of exposure.Reference: https://threatpost.com/dell-computers-ship-with-root-cert-private-key/115455/Snort SID: 36887

Title: ARRIS Cable Modems Found to Generate Passwords Deterministicallyand Contain XSS and CSRF vulnerabilitiesDescription: A researcher has discovered that ARRIS cable modems containmultiple vulnerabilities as well as a “backdoor in a backdoor”. Using apublicly known algorithm, it’s possible to generate a “password of theday” for various ARRIS cable modem models and login as a technician.Once logged into the modem, an attacker could enable remoteadministration, login to the cable modem, and obtain a BusyBox shell.Reference: http://www.kb.cert.org/vuls/id/419568

Title: VMware Issues Advisory to Address Apache Flex BlazeDSVulnerability in Certain ProductsDescription: VMware has issued a security advisory for VMware vCenterServer, vCloud Director, and Horizon View to address an XML eXternalEntity (XXE) vulnerability in Apache Flex BlazeDS. Flex BlazeDS is asoftware package used within several VMware products that has beenidentified to contain this vulnerability. VMware has released updatedsoftware packages to update Flex BlazeDS and correct the flaw.Reference: http://www.vmware.com/security/advisories/VMSA-2015-0008.html

RECENT VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE COMPILED BY THE QUALYS VULNERABILITY RESEARCH TEAM

This is a list of recent vulnerabilities for which exploits areavailable. System administrators can use this list to help inprioritization of their remediation activities. The Qualys VulnerabilityResearch Team compiles this information based on various exploitframeworks, exploit databases, exploit kits and monitoring of internetactivity.